Bug#578736: This is actually a security concern
Soeren Sonnenburg
sonne at debian.org
Tue May 4 05:38:11 UTC 2010
Package: gdm3
Version: 2.30.2-1
Severity: grave
a user logging out would not expect his session to be auto-logged in
again / a background crash hands over the users session
-- System Information:
Debian Release: squeeze/sid
APT prefers stable
APT policy: (700, 'stable'), (650, 'testing'), (600, 'unstable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32.11-sonne (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages gdm3 depends on:
ii adduser 3.112 add and remove users and groups
ii aterm [x-terminal-emula 1.0.1-7 Afterstep XVT - a VT102 emulator f
ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy
ii eterm [x-terminal-emula 0.9.5-2 Enlightened Terminal Emulator
ii fluxbox [x-window-manag 1.1.1-7 Highly configurable and low resour
ii gconf2 2.28.1-3 GNOME configuration database syste
ii gnome-session [x-sessio 2.30.0-1 The GNOME Session Manager - GNOME
ii gnome-session-bin 2.30.0-1 The GNOME Session Manager - Minima
ii gnome-terminal [x-termi 2.30.0-1 The GNOME terminal emulator applic
ii kterm [x-terminal-emula 6.2.0-46 Multi-lingual terminal emulator fo
ii kwin [x-window-manager] 4:3.5.9.dfsg.1-6 the KDE window manager
ii libart-2.0-2 2.3.21-1 Library of functions for 2D graphi
ii libatk1.0-0 1.30.0-1 The ATK accessibility toolkit
ii libattr1 1:2.4.44-1 Extended attribute shared library
ii libaudit0 1.7.13-1+b1 Dynamic library for security audit
ii libbonobo2-0 2.24.3-1 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.24.3-1 The Bonobo UI library
ii libc6 2.10.2-7 Embedded GNU C Library: Shared lib
ii libcairo2 1.8.10-4 The Cairo 2D vector graphics libra
ii libcanberra-gtk0 0.22-1 Gtk+ helper for playing widget eve
ii libcanberra0 0.22-1 a simple abstract interface for pl
ii libdbus-1-3 1.2.24-1 simple interprocess messaging syst
ii libdbus-glib-1-2 0.86-1 simple interprocess messaging syst
ii libdevkit-power-gobject 1:0.9.2-1 abstraction for power management -
ii libfontconfig1 2.8.0-2.1 generic font configuration library
ii libfreetype6 2.3.11-1 FreeType 2 font engine, shared lib
ii libgconf2-4 2.28.1-3 GNOME configuration database syste
ii libglib2.0-0 2.24.1-1 The GLib library of C routines
ii libgnome2-0 2.30.0-1 The GNOME library - runtime files
ii libgnomecanvas2-0 2.30.1-1 A powerful object-oriented display
ii libgtk2.0-0 2.20.1-1 The GTK+ graphical user interface
ii liborbit2 1:2.14.18-0.1 libraries for ORBit2 - a CORBA ORB
ii libpam-modules 1.1.1-3 Pluggable Authentication Modules f
ii libpam-runtime 1.1.1-3 Runtime support for the PAM librar
ii libpam0g 1.1.1-3 Pluggable Authentication Modules l
ii libpanel-applet2-0 2.28.0-3+b1 library for GNOME Panel applets
ii libpango1.0-0 1.28.0-1 Layout and rendering of internatio
ii libpolkit-gobject-1-0 0.96-2 PolicyKit Authorization API
ii libpolkit-gtk-1-0 0.96-2 PolicyKit GTK+ API
ii libpopt0 1.15-1 lib for parsing cmdline parameters
ii librsvg2-common 2.26.3-1 SAX-based renderer library for SVG
ii libselinux1 2.0.94-1 SELinux runtime shared libraries
ii libwrap0 7.6.q-18 Wietse Venema's TCP wrappers libra
ii libx11-6 2:1.3.3-3 X11 client-side library
ii libxau6 1:1.0.5-2 X11 authorisation library
ii libxdmcp6 1:1.0.3-2 X11 Display Manager Control Protoc
ii libxklavier16 5.0-2 X Keyboard Extension high-level AP
ii libxml2 2.7.7.dfsg-2 GNOME XML library
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
ii metacity [x-window-mana 1:2.30.1-1 lightweight GTK+ window manager
ii mutter [x-window-manage 2.29.0-2 lightweight GTK+ window manager
ii policykit-1-gnome 0.96-2 GNOME authentication agent for Pol
ii terminator [x-terminal- 0.93-1 multiple GNOME terminals in one wi
ii twm [x-window-manager] 1:1.0.4-2 Tab window manager
ii upower 0.9.2-1 abstraction for power management
ii wterm [x-terminal-emula 6.2.9-8.1 lightweight terminal emulator for
ii xterm [x-terminal-emula 256-1 X terminal emulator
ii xvt [x-terminal-emulato 2.1-20 X terminal-emulator similar to xte
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages gdm3 recommends:
ii at-spi 1.30.1-1 Assistive Technology Service Provi
ii gnome-icon-theme 2.30.2.1-1 GNOME Desktop icon theme
ii gnome-power-manager 2.30.1-1 power management tool for the GNOM
ii gnome-settings-daemon 2.30.1-1 daemon handling the GNOME session
ii xnest 2:1.7.6.901-3 Nested X server
ii xserver-xephyr 2:1.7.6.901-3 nested X server
ii xserver-xorg 1:7.5+5 the X.Org X server
ii zenity 2.30.0-1 Display graphical dialog boxes fro
Versions of packages gdm3 suggests:
ii gnome-mag 1:0.16.1-1 a screen magnifier for the GNOME d
ii gnome-orca 2.30.1-1 Scriptable screen reader
ii gok 2.30.0-1 GNOME Onscreen Keyboard
ii libpam-gnome-keyring 2.30.1-2 PAM module to unlock the GNOME key
ii metacity 1:2.30.1-1 lightweight GTK+ window manager
-- Configuration Files:
/etc/gdm3/daemon.conf changed [not included]
-- debconf information excluded
More information about the pkg-gnome-maintainers
mailing list